
RE: [PATCH for-4.14] x86/spec-ctrl: Protect against CALL/JMP straight-line speculation



> -----Original Message-----
> From: Jan Beulich <jbeulich@xxxxxxxx>
> Sent: 01 July 2020 13:27
> To: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
> Cc: Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>; Wei Liu <wl@xxxxxxx>; Roger Pau Monné <roger.pau@xxxxxxxxxx>; Paul Durrant <paul@xxxxxxx>
> Subject: Re: [PATCH for-4.14] x86/spec-ctrl: Protect against CALL/JMP straight-line speculation
> 
> On 01.07.2020 13:58, Andrew Cooper wrote:
> > Some x86 CPUs speculatively execute beyond indirect CALL/JMP instructions.
> >
> > With CONFIG_INDIRECT_THUNK / Retpolines, indirect CALL/JMP instructions are
> > converted to direct CALL/JMP's to __x86_indirect_thunk_REG(), leaving just a
> > handful of indirect JMPs implementing those stubs.
> >
> > There is no architectural execution beyond an indirect JMP, so use INT3 as
> > recommended by vendors to halt speculative execution.  This is shorter than
> > LFENCE (which would also work fine), but also shows up in logs if we do
> > unexpectedly execute them.
> >
> > Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
> 
> Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx>

Release-acked-by: Paul Durrant <paul@xxxxxxx>
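
A build-time check for the property the quoted commit message describes, added here as an example; it is not part of the thread or of the Xen patch. It scans an objdump-style AT&T listing and reports every indirect JMP whose immediately following bytes are not INT3 or LFENCE. The sample listing and its symbol names are constructed for illustration.

```python
import re

# Constructed objdump-style listing (hypothetical symbols, not from a Xen build):
# the first stub ends in a bare indirect JMP, the second is followed by INT3.
SAMPLE = """\
0000000000001000 <thunk_unpatched_rax>:
    1000:\tff e0                \tjmp    *%rax
    1002:\t90                   \tnop
0000000000001010 <thunk_patched_rbx>:
    1010:\tff e3                \tjmp    *%rbx
    1012:\tcc                   \tint3
"""

SYMBOL = re.compile(r"^[0-9a-f]+ <(.+)>:$")
INSN = re.compile(r"^\s*([0-9a-f]+):\t([0-9a-f ]+)\t(\S+)\s*(.*)$")
BARRIERS = {"int3", "lfence"}    # both halt straight-line speculation
INDIRECT_JMP = {"jmp", "jmpq"}   # indirect when the operand starts with '*'


def unprotected_indirect_jmps(listing):
    """Return (symbol, address) for each indirect JMP with no barrier right after it."""
    findings = []
    symbol = None
    pending = None  # (symbol, jmp address, address of the byte after the jmp)
    for line in listing.splitlines():
        sym = SYMBOL.match(line)
        if sym:
            symbol = sym.group(1)
            continue
        insn = INSN.match(line)
        if not insn:
            continue
        addr = int(insn.group(1), 16)
        length = len(insn.group(2).split())
        mnemonic, operands = insn.group(3), insn.group(4)
        if pending:
            # The barrier must be the very next instruction in memory.
            if addr != pending[2] or mnemonic not in BARRIERS:
                findings.append(pending[:2])
            pending = None
        if mnemonic in INDIRECT_JMP and operands.startswith("*"):
            pending = (symbol, addr, addr + length)
    if pending:  # listing ended straight after an indirect JMP
        findings.append(pending[:2])
    return findings


if __name__ == "__main__":
    for sym, addr in unprotected_indirect_jmps(SAMPLE):
        print(f"{sym}: indirect jmp at {addr:#x} has no INT3/LFENCE after it")
```
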




 

